Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8
CVE-2022-27207
- EPSS 6.05%
- Published 15.03.2022 17:15:11
- Last modified 21.11.2024 06:55:24
Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Admini...
6.1
CVE-2017-1000389
- EPSS 0.07%
- Published 26.01.2018 02:29:00
- Last modified 21.11.2024 03:04:37
Some URLs provided by Jenkins global-build-stats plugin version 1.4 and earlier returned a JSON response that contained request parameters. These responses had the Content Type: text/html, so could have been interpreted as HTML by clients, resulting ...
1